CVE-2017-11087
N/A
N/A
Summary
libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android | All Android releases from CAF using the Linux kernel | affected |
Weaknesses
- Buffer Over-read in Video
ADP Enrichment
CVE Program Container
Additional References
- https://source.android.com/security/bulletin/pixel/2018-02-01
- http://www.securityfocus.com/bid/103669
References
- https://source.android.com/security/bulletin/pixel/2018-02-01
- http://www.securityfocus.com/bid/103669
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.